Reputation: 349
share authentication cookie between .Net Core Web Apps
I would like to Authenticate in App1 and then click a link to App2 and not have to authenticate. I figure a very common scenario. And this doc says it is super easy to achieve. So I created a Identity Authenticating app verbatim of the instructions here.
I applied the 2 extra lines of code as suggested in the doc
services.AddDataProtection()
.PersistKeysToFileSystem("{PATH TO COMMON KEY RING FOLDER}")
.SetApplicationName("SharedCookieApp");
services.ConfigureApplicationCookie(options => {
options.Cookie.Name = ".AspNet.SharedCookie";
});
I then and deployed it to my local IIS server(https://localhost/App1) and it was working perfectly.
For App2, I applied the same two lines of code as above and deployed it to my local IIS server(https://localhost/App2). After authenticating to App1 and then clicking the link to App2, i got an error "No authenticationScheme was specified, and there was no DefaultChallengeScheme found". I figured that had to be missing something in App2, but the doc only ever sites those two lines of code. Anyhow, I tried adding each of the following(not all at the same time) 4 options to make it happy and nothing worked.
services.AddAuthentication("Identity.Application");
services.AddAuthentication();//fails asking for default schema and challenge
services.AddDefaultIdentity<IdentityUser>().AddEntityFrameworkStores<SharedAuthContext>();//fails
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
});
Something is obviously missing from App2, but i cannot figure it out?
Upvotes: 1
Views: 1481
Answers (1)
Reputation: 11131
CookieAuthenticationDefaults.AuthenticationScheme is a constant string with value "Cookies".
Identity framework uses different names for its cookies.
IdentityConstants.ApplicationScheme->"Identity.Application"IdentityConstants.ExternalScheme->"Identity.External"(we're not interested in this)
So you should change the names to
services.AddAuthentication(options => {
options.DefaultScheme = "Identity.Application";
options.DefaultChallengeScheme = "Identity.Application";
}).AddCookie("Identity.Application", options => { ... });
Also refer to Microsoft docs on sharing cookies between apps.
https://learn.microsoft.com/en-us/aspnet/core/security/cookie-sharing?view=aspnetcore-5.0
Upvotes: 3
Related Questions
- Share authentication cookie between IdentityServer4 clients
- AspNetCore EF6 Identity Shared Cookie Authentication between apps
- Authentication cookie sharing between ASP WebForms and ASP.NET Core MVC app
- sharing asp.net 4 forms authentication cookie with asp.net core 2.0
- Sharing Cookies Between Two ASP.NET Core Applications
- ASP.NET Core Sharing Identity Cookie across azure web apps on default domain (*.azurewebsites.net)
- Sharing authentication cookie among Asp.Net Core 1 (MVC6) and MVC 5 applications
- Shared cookie authentication between ASP.NET Core RC2 and .NET 4.5.1 apps
- Sharing login cookie between applications. ASP.NET Core
- Sharing ADAuthCookie between applications